<template>
  <div class="bug-bounty">
    <Header @changelang="changeLanguage" bgColor="linear-gradient(90deg, #7719c7 0%, #431092 27%, #0e065d 70%, #080055 100%)"></Header>
    <article>
    	<div class="QtGlobal-components">
    		<div class="QtGlobal-component">
    			<div class="QtGlobal-hero-internal">
    				<div class="QtGlobal-content-wrapper">
    					<div class="copy">
    						<p class="subheader">Bug Bounty</p>
    						<h1>
    							<p><strong>Get Bitcoin</strong> <br />
    								for finding security bugs</p>
    						</h1>
    					</div>
    				</div>
    				<div class="illustration"></div>
    			</div>
    		</div>
    		<div class="QtGlobal-component">
    			<div class="QtGlobal-article-body" id="">
    				<div class="QtGlobal-content-wrapper">
    					<div class="">
    						<h2><span><strong>About</strong></span>
    						</h2>
    						<div class="body">
    							<p>Founded in 2011, QtGlobal Digital Asset Exchange is one of the world’s largest and oldest bitcoin
    								exchanges with the widest selection of digital assets and national currencies. Based in San Francisco
    								with offices around the world, QtGlobal’s trading platform is consistently rated the best and most secure
    								digital asset exchange by independent news media. Trusted by hundreds of thousands of traders,
    								institutions, and authorities, including Germany’s BaFin regulated Fidor Bank, QtGlobal is the first
    								exchange to display its market data on the Bloomberg Terminal, pass a cryptographically verifiable
    								proof-of-reserves audit, and the first to offer spot trading with margin. QtGlobal investors include
    								Blockchain Capital, Digital Currency Group, Hummingbird Ventures and Money Partners Group.</p>
    						</div>
    					</div>
    				</div>
    			</div>
    		</div>
    		<div class="QtGlobal-component">
    			<div class="QtGlobal-article-body" id="">
    				<div class="QtGlobal-content-wrapper">
    					<div class="">
    						<h2><span><strong>Policy</strong></span>
    						</h2>
    						<div class="body">
    							<p>QtGlobal strongly believes in the value of security professionals and developers assisting in keeping our
    								products and users safe. QtGlobal has established and encourages the use of responsibly disclosing all
    								security vulnerabilities in our Bug Bounty Program. The Bug Bounty program serves the QtGlobal mission by
    								helping us be the most trusted company in the digital currency market.</p>
    							<p>QtGlobal agrees not to initiate legal action for security research performed following all posted QtGlobal
    								Bug Bounty policies, including good faith, accidental violations. We believe activities conducted
    								consistent with this policy constitute “authorized” conduct under the Computer Fraud and Abuse Act, the
    								DMCA, and applicable anti-hacking laws such as Cal. Penal Code 503(c). We will not bring a claim against
    								researchers for circumventing the technological measures we have used to protect the applications in
    								scope of the Bug Bounty Program.</p>
    							<p>It is required that each researcher submit a notification to use before engaging in conduct that may be
    								inconsistent with or unaddressed by policy.</p>
    						</div>
    					</div>
    				</div>
    			</div>
    		</div>
    		<div class="QtGlobal-component">
    			<div class="QtGlobal-article-body" id="">
    				<div class="QtGlobal-content-wrapper">
    					<div class="">
    						<h2><span><strong>Rewards</strong></span>
    						</h2>
    						<div class="body">
    							<p>All bounty submissions are rated by QtGlobal and paid out based on vulnerability rating. All payouts will
    								proceed in BTC and are defined as a guideline and subject to change.</p>
    							<ul>
    								<li>All bug reports must be submitted to <a data-testid="site-link" href="mailto:admin@qtglobal.cc">admin@qtglobal.cc</a></li>
    								<li>Asking for payment in exchange for vulnerability details will result in immediate ineligibility of
    									bounty payments. </li>
    								<li>If we cannot reproduce your findings, your report will not be eligible for payout. We ask you to
    									provide as detailed a report as possible with all steps necessary to reproduce your findings. </li>
    								<li>Include your Bitcoin (BTC) Address for Payment. All rewards will be issued in Bitcoin.</li>
    								<li>The minimum payout is Bitcoin (BTC) equivalent of $500 USD.</li>
    							</ul>
    						</div>
    					</div>
    				</div>
    			</div>
    		</div>
    		<div class="QtGlobal-component">
    			<div class="QtGlobal-content-wrapper">
    				<div class="QtGlobal-tabs">
    					<div class="arrow-selector">
    						<div class="QtGlobal-selector tab-selector">
    							<div class="QtGlobal-radio-set QtGlobal-only-desktop tab-selector"><label><input type="radio" name="radio-set-tab-e0fee472-816c-4fe2-86dc-6fb425afe3ed"
    									 checked="" />
    									<div class="button">In Scope</div>
    								</label><label><input type="radio" name="radio-set-tab-8dae2bd1-f70f-48cd-a216-b204a39dba2d" />
    									<div class="button">Out of Scope</div>
    								</label></div>
    							<div class="QtGlobal-dropdown QtGlobal-only-mobile tab-selector"><label><select>
    										<option selected="" value="tab-e0fee472-816c-4fe2-86dc-6fb425afe3ed">In Scope</option>
    										<option value="tab-8dae2bd1-f70f-48cd-a216-b204a39dba2d">Out of Scope</option>
    									</select></label></div>
    						</div>
    						<div class="tab-arrow" style="left:20px"></div>
    					</div>
    					<div class="tabs">
    						<div class="tab displayed">
    							<div class="QtGlobal-table nowrap">
    								<div class="sidebar">
    									<h3><span>The following properties are in scope for bug bounty rewards</span>
    									</h3>
    									<p>All rewards will be issued in Bitcoin</p>
    								</div>
    								<div class="sidebar-table-wrapper">
    									<table class="nowrap">
    										<thead>
    											<tr class="row">
    												<th class="entry field-title" scope="col">URL</th>
    												<th class="entry field-title" scope="col">Property Name</th>
    											</tr>
    										</thead>
    										<tbody>
    											<tr class="row">
    												<td class="entry">www.qtglobal.net</td>
    												<td class="entry">Main Website</td>
    											</tr>
    											<tr class="row">
    												<td class="entry">www.qtglobal.net</td>
    												<td class="entry">REST API</td>
    											</tr>
    											<tr class="row">
    												<td class="entry">
    													<ul>
    														<li>ws.QtGlobal.com</li>
    														<li>ws-auth.QtGlobal.com</li>
    													</ul>
    												</td>
    												<td class="entry">WebSockets API</td>
    											</tr>
    											<tr class="row">
    												<td class="entry">futures.QtGlobal.com</td>
    												<td class="entry">QtGlobal Futures Site</td>
    											</tr>
    											<tr class="row">
    												<td class="entry">futures.QtGlobal.com/derivatives/api/v3</td>
    												<td class="entry">QtGlobal Futures REST API</td>
    											</tr>
    											<tr class="row">
    												<td class="entry">trade.QtGlobal.com</td>
    												<td class="entry">QtGlobal Pro Site</td>
    											</tr>
    											<tr class="row">
    												<td class="entry">www.cryptowat.ch</td>
    												<td class="entry">Cryptowatch Main Site</td>
    											</tr>
    											<tr class="row">
    												<td class="entry">api.cryptowat.ch</td>
    												<td class="entry">Cryptowatch REST API</td>
    											</tr>
    											<tr class="row">
    												<td class="entry">stream.cryptowat.ch</td>
    												<td class="entry">Cryptowatch WebSockets API</td>
    											</tr>
    											<tr class="row">
    												<td class="entry">www.cryptofacilities.com</td>
    												<td class="entry">Crypto Facilities Website</td>
    											</tr>
    											<tr class="row">
    												<td class="entry">www.cfbenchmarks.com</td>
    												<td class="entry">Cfbenchmarks Website</td>
    											</tr>
    											<tr class="row">
    												<td class="entry">
    													<ul class="link-list">
    														<li><a data-testid="site-link" target="_blank" rel="noopener" href="/redirect?url=https%3A%2F%2Fplay.google.com%2Fstore%2Fapps%2Fdetails%3Fid%3Dcom.QtGlobal.invest.app">Android
    																App</a></li>
    														<li><a data-testid="site-link" target="_blank" rel="noopener" href="/redirect?url=https%3A%2F%2Fapps.apple.com%2Fus%2Fapp%2Fid1481947260">iOS
    																App</a></li>
    													</ul>
    												</td>
    												<td class="entry">QtGlobal Mobile Application</td>
    											</tr>
    											<tr class="row">
    												<td class="entry">
    													<ul class="link-list">
    														<li><a data-testid="site-link" target="_blank" rel="noopener" href="/redirect?url=https%3A%2F%2Fplay.google.com%2Fstore%2Fapps%2Fdetails%3Fid%3Dcom.QtGlobal.trade">Android
    																App</a></li>
    														<li><a data-testid="site-link" target="_blank" rel="noopener" href="/redirect?url=https%3A%2F%2Fapps.apple.com%2Fapp%2FQtGlobal-pro%2Fid1473024338">iOS
    																App</a></li>
    													</ul>
    												</td>
    												<td class="entry">QtGlobal Pro Mobile Application</td>
    											</tr>
    											<tr class="row">
    												<td class="entry">
    													<ul class="link-list">
    														<li><a data-testid="site-link" target="_blank" rel="noopener" href="/redirect?url=https%3A%2F%2Fplay.google.com%2Fstore%2Fapps%2Fdetails%3Fid%3Dcom.QtGlobalfutures">Android
    																App</a></li>
    														<li><a data-testid="site-link" target="_blank" rel="noopener" href="/redirect?url=https%3A%2F%2Fapps.apple.com%2Fapp%2FQtGlobal-futures%2Fid1475904904">iOS
    																App</a></li>
    													</ul>
    												</td>
    												<td class="entry">QtGlobal Futures Mobile Application</td>
    											</tr>
    										</tbody>
    									</table>
    								</div>
    							</div>
    						</div>
    						<div class="tab displayed">
    							<div class="QtGlobal-table nowrap">
    								<div class="sidebar">
    									<h3><span>The following properties are out of scope for bug bounty rewards</span>
    									</h3>
    									<p>Along with any other QtGlobal.com host or other affiliated domain host not explicitly defined as “In
    										Scope”</p>
    								</div>
    								<div class="sidebar-table-wrapper">
    									<table class="nowrap">
    										<thead>
    											<tr class="row">
    												<th class="entry field-title" scope="col">URL</th>
    												<th class="entry field-title" scope="col">Property Name</th>
    											</tr>
    										</thead>
    										<tbody>
    											<tr class="row">
    												<td class="entry">blog.QtGlobal.com</td>
    												<td class="entry">QtGlobal Blog</td>
    											</tr>
    											<tr class="row">
    												<td class="entry">docs.QtGlobal.com</td>
    												<td class="entry">QtGlobal API Documentation site</td>
    											</tr>
    											<tr class="row">
    												<td class="entry">status.QtGlobal.com</td>
    												<td class="entry">QtGlobal Status Site</td>
    											</tr>
    											<tr class="row">
    												<td class="entry">support.QtGlobal.com</td>
    												<td class="entry">QtGlobal Support Site</td>
    											</tr>
    											<tr class="row">
    												<td class="entry">docs.cryptowat.ch</td>
    												<td class="entry">Cryptowatch Documentation Site</td>
    											</tr>
    											<tr class="row">
    												<td class="entry">surveys.QtGlobal.com</td>
    												<td class="entry">QtGlobal Survey Site</td>
    											</tr>
    										</tbody>
    									</table>
    								</div>
    							</div>
    						</div>
    					</div>
    				</div>
    			</div>
    		</div>
    		<div class="QtGlobal-component">
    			<div class="QtGlobal-article-body" id="">
    				<div class="QtGlobal-content-wrapper">
    					<div class="">
    						<h2><span><strong>Vulnerability Ratings</strong></span>
    						</h2>
    						<div class="body">
    							<p><strong>Critical</strong></p>
    							<p>Critical severity issues present a direct and immediate risk to a broad array of our users or to QtGlobal
    								itself. They often affect relatively low-level /foundational components in one of our application stacks
    								or infrastructure. For example:</p>
    							<ul>
    								<li>arbitrary code/command execution on a server in our production network.</li>
    								<li>arbitrary queries on a production database.</li>
    								<li>bypassing our sign-in process, either password or 2FA.</li>
    								<li>access to sensitive production user data or access to internal production systems.</li>
    							</ul>
    							<p> </p>
    							<p><strong>High</strong></p>
    							<p>High severity issues allow an attacker to read or modify highly sensitive data that they are not
    								authorized to access. They are generally more narrow in scope than critical issues, though they may still
    								grant an attacker extensive access. For example:</p>
    							<ul>
    								<li>XSS which bypasses CSP</li>
    								<li>Discovering sensitive user data in a publicly exposed resource</li>
    								<li>Gaining access to a non-critical, system to which an end user account should not have access</li>
    							</ul>
    							<p> </p>
    							<p><strong>Medium</strong></p>
    							<p>Medium severity issues allow an attacker to read or modify limited amounts of data that they are not
    								authorized to access. They generally grant access to less sensitive information than high severity
    								issues. For example:</p>
    							<ul>
    								<li>Disclosing non-sensitive information from a production system to which the user should not have
    									access</li>
    								<li>XSS that does not bypass CSP or does not execute sensitive actions in another user’s session</li>
    								<li>CSRF for low risk actions</li>
    							</ul>
    							<p> </p>
    							<p><strong>Low</strong></p>
    							<p>Low severity issues allow an attacker to access extremely limited amounts of data. They may violate an
    								expectation for how something is intended to work, but it allows nearly no escalation of privilege or
    								ability to trigger unintended behavior by an attacker. For example:</p>
    							<ul>
    								<li>Triggering verbose or debug error pages without proof of exploitability or obtaining sensitive
    									information.</li>
    							</ul>
    							<p> </p>
    							<h3>Ineligibility</h3>
    							<p>Reports in which we are not interested include:</p>
    							<ul>
    								<li>Vulnerabilities on sites hosted by third parties (support.QtGlobal.com, etc) unless they lead to a
    									vulnerability on the main website. Vulnerabilities and bugs on the QtGlobal blog (blog.QtGlobal.com)</li>
    								<li>Vulnerabilities contingent on physical attack, social engineering, spamming, DDOS attack, etc.</li>
    								<li>Vulnerabilities affecting outdated or unpatched browsers.</li>
    								<li>Vulnerabilities in third party applications that make use of QtGlobal&#x27;s API.</li>
    								<li>Vulnerabilities that have not been responsibly investigated and reported.</li>
    								<li>Vulnerabilities already known to us, or already reported by someone else (reward goes to first
    									reporter). Issues that aren&#x27;t reproducible.</li>
    								<li>Vulnerabilities that require an improbable level of user interaction.</li>
    								<li>Vulnerabilities that require root/jailbreak on mobile.</li>
    								<li>Missing security headers without proof of exploitability.</li>
    								<li>TLS Cipher Suites offered.</li>
    								<li>Suggestions on best practices.</li>
    								<li>Software version disclosure.</li>
    								<li>Any report without an accompanying proof of concept exploit.</li>
    								<li>Issues that we can&#x27;t reasonably be expected to do anything about.</li>
    								<li>The output from automated tools/scanners.</li>
    								<li>Issues without any security impact.</li>
    							</ul>
    							<p> </p>
    							<h3>Non-security Issues</h3>
    							<p>You can let us know about non-security issues at <a data-testid="site-link" target="_blank" rel="noopener"
    								 href="/redirect?url=https%3A%2F%2Fsupport.QtGlobal.com">https://support.QtGlobal.com</a>.</p>
    						</div>
    					</div>
    				</div>
    			</div>
    		</div>
    	</div>
    </article>
    <Footer></Footer>
  </div>
</template>

<script>
  import Header from "@/components/header";
  import Footer from "@/components/footer";
  import commonMixins from "@/mixins";

  export default {
      mixins: [commonMixins],
      components: {
          Header,
          Footer
      },
      computed: {
        isLogin() {
          return this.$store.state.usertoken ? true : false;
        }
      },
      watch:{
      },
      data () {
          return {
          }
      },
      created(){
      },
      mounted(){
      },
      methods:{
        next_fn() {
          if(this.isLogin) {
            this.$router.push('trade');
          } else {
            this.$router.push('login');
          }
        },
      }
  }
</script>

<style lang="less" scoped="scoped">
.bug-bounty {
  padding-top: 100px;
}
</style>
